What is Office 365 Multi-Factor Authentication (MFA)?
 

Azure Multi-Factor Authentication (MFA) helps safeguard access to data and applications while maintaining simplicity for users. It provides additional security by requiring a second form of authentication and delivers strong authentication via a range of easy to use authentication methods.

Multi-factor authentication is a process where a user is prompted during the sign-in process for an additional form of identification, such as entering a code on their cellphone or providing a fingerprint scan.

If you only use a password to authenticate a user, it leaves an insecure opportunity for attack. If the password is weak or has been exposed elsewhere, is it really the user signing in with the username and password, or is it an attacker? When you require a second form of authentication, security is increased as this additional factor isn't something that's easy for an attacker to obtain or duplicate.

Multi-Factor Authentication works by requiring two or more of the following authentication methods:

  • Something you know, typically a password.

  • Something you have, such as a trusted device that is not easily duplicated, like a phone or hardware key.

  • Something you are – biometrics such as a fingerprint or face scan.
     

MFA registered accounts are up to 99.9% less likely to be compromised.
 

MFA methods

You can currently choose from several MFA options and can use different options in different situations, depending on what is most convenient for you. The type of handshake, or knock, you choose can have an impact on how and where your account can be used.  So we want you to be well informed before you decide which method is best for you.
 

Option 1: Authentication Phone – (Call or text a phone number)
 

Call me

If you select the Phone Call method, you are setting up your MFA authentication to call you when you want to authenticate.  It is recommended to use a mobile phone that you always have with you, so you can authenticate no matter where you are located.  You will need to be able to access the phone during configuration. You will also enter a backup phone number that will be used if the first phone number is not answered or goes to voicemail.
 

Send me a code by text message

If you select the text message method, you are setting up your MFA authentication to send you a text message with a 6-digit code to use when you authenticate.  It is recommended to use a mobile phone that you always have with you, so you can authenticate no matter where you are located. You will need to be able to access the phone during configuration. You will also enter a backup phone number that will be used if the first phone number is not answered or goes to voicemail.
 

Option 2: Call My Office Phone – (Call my desk phone)
 

This option does require that you are near your office phone during authentication into Office 365.  Your office phone will receive a phone call and you will be prompted to accept or deny your login.
 

Option 3: Mobile App – (Microsoft Authenticator App) – Best User Experience

Download and install the Microsoft Authenticator App – https://www.microsoft.com/en-us/account/authenticator
 

Receive notifications for verification

This option pushes a notification to the authenticator app on your smartphone or tablet. View the notification, and if it is legitimate, press  Approve or Deny to confirm that you expected that login and the rest is automatic.
 

Use verification code 

For this option, the authenticator app generates a verification code that updates every 30 seconds. Enter the most current verification code in the sign-in interface.

 

If you have trouble configuring your MFA options, please contact the Help Desk at (620) 341-5555 or 1 (877) 341-5555 (toll free) or via email at HelpDesk@emporia.edu